Response to the Office Action of April 29, 2009 
Serial No. 10/733,326 



REMARKS 

Claims 1-4, 6-16, 18-26 and 28-34 are pending in the present application. Claims 
5, 17 and 27 have been cancelled by way of this amendment. 

The Examiner has rejected claims 1,13 and 23 under 35 U.S.C. § 112 for failing 
to disclose direct transmission of a session token to a second server as claimed and for failing to 
disclose a decrypted session token. Claims 1,13 and 23 have been amended to replace 
reference to "a decrypted session token" with reference to "a session ID and timestamp". 
Previously dependent claims 5, 17 and 27, which indicated that the decrypted session token 
includes a session ID and a timestamp, have been cancelled. 

The Examiner correctly indicates that the present specification discloses, on 
many occasions, transmission of a session ID and timestamp from first server directly to second 
server. 

The Examiner has rejected claims 1-6, 9-18, 21-28 and 31-34 under 35 U.S.C. § 
1 03(a) as being unpatentable over US patent Publication No. 2003/00051 1 8 to Williams 
(hereinafter "Williams") in view of US patent Publication No. 2004/0210771 to Wood et al. 
(hereinafter "Wood"). 

The Office Action was issued following the United States Supreme Court's 
decision in the case of KSR Int'l Co. v. Teleflex Inc. , No. 04-1350 (April 30, 2007). In light of the 
KSR decision, Applicant wishes to address various issues pertaining to a proper analysis under 
section 103. 
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The Examiner, by citing two references and asserting a reason for combining 
elements from the two references, has elected to base the rejection of claims 1-34 upon a 
teaching, suggestion or motivation to select and combine features from the cited references. 
Applicant wishes to point out that the Supreme Court's KSR decision did not reject use of a 
"teaching, suggestion or motivation" analysis as part of an obviousness analysis, characterizing 
the analysis as "a helpful insight." KSR slip op. at 14-15. 

When the Examiner chooses to base a rejection upon a teaching, suggestion or 
motivation analysis, the Examiner must satisfy the requirements of such an analysis. In 
particular, the Examiner must demonstrate with evidence and reasoned argument that there was 
a teaching, suggestion or motivation to select and combine features from the cited references, 
e.g., In re Lee , 61 USPQ2d 1430, 1433 (Fed. Cir. 2002). Moreover, the prior art must suggest 
the desirability of the combination, not merely the feasibility, see In re Fulton , 73 USPQ2d 1141, 
1145 (Fed. Cir. 2004). 

In the event that the cited references fail to disclose or suggest all of the elements 
recited in the claims, then combining elements from the references would not yield the claimed 
subject matter, regardless of the extent of any teaching, suggestion or motivation. 

Although the Supreme Court did not reject use of a "teaching, suggestion or 
motivation" analysis, the Supreme Court did say that it was not the only possible analysis of an 
obviousness question. Because of the Examiner's chosen ground for rejection, however, the 
only pending ground for rejection must be a "teaching, suggestion or motivation" analysis. In the 
event that the Examiner chooses to consider a different avenue for rejection, this would be a 
new ground for rejection not due to any action by Applicant. Applicant has a right to be heard on 
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any new ground for rejection. 

Applicant further respectfully reminds the Examiner that, even after KSR , the 
following legal principles are still valid, having been endorsed by the Supreme Court or having 
been unaffected by its decision: (1) the USPTO still has the burden of proof on the issue of 
obviousness; (2) the USPTO must base its decision upon evidence, and it must support its 
decision with articulated reasoning (slip op. at 14); (3) merely demonstrating that all elements of 
the claimed invention exist in the prior art is not sufficient to support a determination of 
obviousness (slip op. at 14-15); (4) hindsight has no place in an obviousness analysis (slip op. at 
17); and (5) Applicant is entitled to a careful, thorough, professional examination of the claims 
(slip op. at 7, 23, in which the Supreme Court remarked that a poor examination reflected poorly 
upon the USPTO). 

Claim 1 has been amended to incorporate a limitation from claim 5, namely that a 
session token includes a session ID and a timestamp. Claim 5 has been cancelled. Claims 3, 4, 
9 and 10 have been amended for consistency with amended claim 1. Claims 6 and 7 have been 
amended responsive to the cancellation of claim 5. 

Claim 1, as amended, requires "transmitting said session ID and said timestamp 
directly to the second server". The Examiner has cited passages in Wood that involve passing a 
session token to a browser along with a redirect request so that the browser can transmit the 
session token to the second server. This indirect route is advantageously avoided in the method 
of claim 1 . 

Since it is submitted that neither Williams, nor Wood, nor a combination of 
Williams and Wood suggest or disclose transmitting a session ID and a timestamp, obtained by 
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decrypting an encrypted session token, directly to a second server, it is further submitted that the 
method of claim 1 is not obvious over Williams in view of Wood. It is respectfully requested that 
the Examiner withdraw the rejection of claim 1, and claims 2-4, 6 and 9-12 dependent, either 
directly or indirectly, thereon, as obvious over Williams in view of Wood. 

Claim 1 3 has been amended, in a manner consistent with the amendments to 
claim 1 , to incorporate a limitation from claim 17, namely that a session token includes a session 
ID and a timestamp. Claim 17 has been cancelled. Claims 15, 16 and 21 have been amended 
for consistency with amended claim 13. Claims 18 and 19 have been amended responsive to 
the cancellation of claim 17. 

Claim 13 is directed to a system for secure session management. The system of 
claim 13 includes a first server including a first request handler. Claim 13, as amended for 
consistency with amended claim 1 , requires that the first request handler be adapted to transmit 
a session ID and a timestamp directly to a second server. 

Further to the discussion above, it is submitted that neither Williams, nor Wood, 
nor a combination of Williams and Wood suggest or disclose a first request handler transmitting 
a session ID and a timestamp, obtained by decrypting an encrypted session token, directly to a 
second server. Accordingly, it is submitted that the system of claim 13 is not obvious over 
Williams in view of Wood. It is respectfully requested that the Examiner withdraw the rejection of 
claim 13, and claims 14-16, 18 and 21 dependent, either directly or indirectly, thereon, as 
obvious over Williams in view of Wood. 

Claim 23 has been amended, in a manner consistent with the amendments to 
claim 1, to incorporate a limitation from claim 27, namely that a session token includes a session 
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ID and a timestamp. Claim 27 has been cancelled. Claims 25, 26, 31 and 32 have been 
amended for consistency with amended claim 23. Claims 28 and 29 have been amended 
responsive to the cancellation of claim 27. 

Claim 23 is directed to a computer program product having a computer-readable 
medium tangibly embodying computer executable instructions for secure session management. 
The computer program product of claim 23 includes computer executable instructions for 
transmitting a session ID and a timestamp directly to a second server. Further to the discussion 
above, it is submitted that neither Williams, nor Wood, nor a combination of Williams and Wood 
suggest or disclose computer program product including computer executable instructions for 
transmitting a session ID and a timestamp directly to the second server. Accordingly, it is 
submitted that the computer program product of claim 23 is not obvious over Williams in view of 
Wood. It is respectfully requested that the Examiner withdraw the rejection of claim 23, and 
claims 24-26, 28 and 31-34 dependent, either directly or indirectly, thereon, as obvious over 
Williams in view of Wood. 

The Examiner has rejected claims 7 and 8 under 35 U.S.C. § 103(a) as being 
unpatentable over Williams in view of Wood in further view of Bachman. Claims 7 and 8 depend 
directly and indirectly, respectively, from claim 1 and add limitations. The Examiner contends 
that the combination of Williams and Wood discloses most of the subject matter of claims 7 and 
8 and cites Bachman to illustrate that the additional limitations added by claims 7 and 8 were 
known at the time the claimed inventions was made. Without regard to whether Bachman 
discloses the limitations added by claims 7 and 8, it is submitted that Bachman does not suggest 
or disclose transmitting a session ID and a timestamp directly to a second server as required by 
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claim 1. 

Since it is submitted that neither Williams, nor Wood, nor Bachman, nor a 
combination of Williams, Wood and Bachman suggest or disclose transmitting a session ID and 
a timestamp directly to a second server, it is further submitted that the method of claims 7 and 8 
are patentable over Williams in view of Bachman. It is respectfully requested that the Examiner 
withdraw the rejection of claims 7 and 8 as obvious. 

The Examiner has rejected claims 19 and 20 under 35 U.S.C. § 103(a) as being 
unpatentable over Williams in view of Wood in further view of Bachman. Claims 1 9 and 20 
depend indirectly from claim 1 3 and add limitations. The Examiner contends that the 
combination of Williams and Wood discloses most of the subject matter of claims 1 9 and 20 and 
cites Bachman to illustrate that the additional limitations added by claims 19 and 20 were known 
at the time the claimed inventions was made. Without regard to whether Bachman discloses the 
limitations added by claims 19 and 20, it is submitted that Bachman does not suggest or disclose 
a first request handler transmitting a session ID and a timestamp directly to a second server, as 
required by claim 13. 

Since it is submitted that neither Williams, nor Wood, nor Bachman, nor a 
combination of Williams, Wood and Bachman suggest or disclose a first request handler 
transmitting a session ID and a timestamp, received along with a request, directly to a second 
server, it is further submitted that the system of claims 1 9 and 20 are patentable over Williams in 
view of Bachman. It is respectfully requested that the Examiner withdraw the rejection of claims 
19 and 20 as obvious. 



The Examiner has rejected claims 29 and 30 under 35 U.S.C. § 103(a) as being 
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unpatentable over Williams in view of Wood in further view of Bachman. Claims 29 and 30 
depend indirectly from claim 23 and add limitations. The Examiner contends that Williams 
discloses most of the subject matter of claims 29 and 30 and cites Bachman to illustrate that the 
additional limitations added by claims 29 and 30 were known at the time the claimed inventions 
was made. Without regard to whether Bachman discloses the limitations added by claims 29 
and 30, it is submitted that Bachman does not suggest or disclose transmitting a session ID and 
a timestamp, directly to a second server, as required by claim 23. 



combination of Williams, Wood and Bachman suggest or disclose computer executable 
instructions for transmitting a session token, received along with a request, directly to a second 
server, it is further submitted that the computer program products of claims 29 and 30 are 
patentable over Williams in view of Bachman. It is respectfully requested that the Examiner 
withdraw the rejection of claims 29 and 30 as obvious. 



Since it is submitted that neither Williams, nor Wood, nor Bachman, nor a 



Favorable reconsideration and allowance of this application are respectfully 



requested. 



Respectfully Submitted, 



Nortel Networks Limited 




Place: Toronto, Ontario, Canada 
Date: June 26, 2008 
Tele No.: 416-868-1482 
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